Nmap Development mailing list archives

Re: Adding new NSE discovered targets to Nmap


From: David Fifield <david () bamsoftware com>
Date: Mon, 6 Sep 2010 15:37:22 -0600

On Fri, Aug 13, 2010 at 05:22:15PM +0100, Djalal Harouni wrote:
On 2010-08-12 15:35:53 -0500, Ron wrote:
Attached a script that does a DHCP request then scans the DHCP address range. 

I ran into a couple issues, though. 

First, if I do socket:connect("255.255.255.255", 67, "udp") - it doesn't
work. It appears to, but packets don't get sent. I've run into issues with
broadcasting like that before, and I don't understand exactly what's going
on, but does anybody have any ideas? For now, in this script, I hardcoded
192.168.1.1 as the router's address -- definitely not optimal. 

Second, I have to use pcap_receive() to get the response from the DHCP
server (because DHCP is crazy). pcap_receive() requires an interface and a
MAC address. Since this is a prescan rule, there's no interface so I
hardcode "eth0". Is that going to break on non-Linux or is that standard
for Nmap? Is there some way I can enumerate ethernet interfaces so I can
send out the DHCP request on all of them? If not, would it be hard to add?

We should add support for iflist and getinterfaces() functions to
NSE to be able to enumerate and use net interfaces and perhaps routes?
First I've planned to pass them in the net table to prerule/postrule
scripts, but the preferred solution was to not use a net table and only
add some NSE API.

Yes, such an interface is a good idea. Do you want to make a design and
API for it? Or you, Ron? What do you need in order to make dhcp-discover
work? Hardcoding eth0 is definitely going to break in many situations.

I think what we need is a table that represents the same information as
struct interface_info (libnetutil/netutil.h). Like nmap.getinterfaces()
would return a table of such tables.

Henri showed that we can get these kinds of changes in fairly quickly.
I'd love to see a patch and then get in these script changes (once we
solve the broadcasting issue too).

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
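The thread leaves both of Ron's questions open. As an added example (not code from the thread, from Ron's attached script, or from Nmap itself), the Python below shows the two mechanics his dhcp-discover approach depends on: a UDP socket that is actually permitted to send to 255.255.255.255 (on Linux a sendto() toward a broadcast address fails with EACCES unless SO_BROADCAST is set; it is an assumption that this is what Ron hit, the thread never diagnoses it), and the DHCPDISCOVER/DHCPOFFER framing from RFC 2131, with the offered address and subnet mask turned into the network range that such a script would hand back as new targets. The sample OFFER is constructed inline so everything runs offline; the MAC, transaction id and addresses are made up. Python is used rather than NSE Lua so the socket option and the packet layout are visible directly; an NSE script would follow the same steps.

```python
import ipaddress
import socket
import struct

DHCP_MAGIC = b"\x63\x82\x53\x63"  # RFC 2131 option-field magic cookie
# Fixed header: op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr,
# siaddr, giaddr, chaddr(16), sname(64), file(128) = 236 bytes.
HEADER_FMT = "!BBBBIHH4s4s4s4s16s64s128s"


def make_broadcast_socket():
    """UDP socket allowed to send to 255.255.255.255. Without SO_BROADCAST
    Linux rejects the send with EACCES; the symptom is 'nothing on the wire'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
    return sock


def build_dhcp_discover(mac, xid):
    """DHCPDISCOVER with the broadcast flag set, so the server answers to
    255.255.255.255 (the client has no address yet). mac is 6 raw bytes."""
    header = struct.pack(HEADER_FMT,
                         1, 1, 6, 0,          # BOOTREQUEST, Ethernet, hlen 6, hops 0
                         xid, 0, 0x8000,      # transaction id, secs, flags: broadcast
                         b"\0" * 4, b"\0" * 4, b"\0" * 4, b"\0" * 4,
                         mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    options = (DHCP_MAGIC
               + bytes([53, 1, 1])             # option 53: message type DISCOVER
               + bytes([55, 4, 1, 3, 6, 51])   # option 55: request mask, router, DNS, lease
               + bytes([255]))                 # end option
    return header + options


def parse_dhcp_reply(data, expected_xid=None):
    """Parse a BOOTP/DHCP message into header fields plus raw options.
    Matching the xid is how a client tells its own reply from other traffic
    arriving on the same broadcast socket."""
    if len(data) < 240 or data[236:240] != DHCP_MAGIC:
        raise ValueError("not a DHCP message")
    op, _htype, _hlen, _hops, xid, _secs, _flags = struct.unpack("!BBBBIHH", data[:12])
    if expected_xid is not None and xid != expected_xid:
        raise ValueError("xid mismatch")
    reply = {"op": op, "xid": xid,
             "yiaddr": socket.inet_ntoa(data[16:20]),   # 'your' (offered) address
             "siaddr": socket.inet_ntoa(data[20:24]),   # next server
             "options": {}}
    i = 240
    while i < len(data):
        code = data[i]
        if code == 255:            # end option
            break
        if code == 0:              # pad option carries no length byte
            i += 1
            continue
        if i + 1 >= len(data):
            raise ValueError("truncated option header")
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        reply["options"][code] = value
        i += 2 + length
    return reply


def targets_from_offer(reply):
    """Turn a parsed DHCPOFFER into the address range it reveals, i.e. the
    candidate targets a discovery script would hand back to the scanner."""
    opts = reply["options"]
    if reply["op"] != 2 or opts.get(53) != b"\x02":
        raise ValueError("not a DHCPOFFER")
    mask = socket.inet_ntoa(opts[1])
    network = ipaddress.ip_network(f"{reply['yiaddr']}/{mask}", strict=False)
    return {"server": socket.inet_ntoa(opts[54]),
            "offered": reply["yiaddr"],
            "router": socket.inet_ntoa(opts[3]) if 3 in opts else None,
            "lease_seconds": struct.unpack("!I", opts[51])[0] if 51 in opts else None,
            "network": str(network)}


def build_sample_offer(xid, mac, yiaddr, server, mask, router):
    """Constructed DHCPOFFER standing in for a real server reply (offline test data)."""
    header = struct.pack(HEADER_FMT,
                         2, 1, 6, 0, xid, 0, 0,   # BOOTREPLY
                         b"\0" * 4, socket.inet_aton(yiaddr), socket.inet_aton(server), b"\0" * 4,
                         mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    options = (DHCP_MAGIC
               + bytes([53, 1, 2])                              # DHCPOFFER
               + bytes([54, 4]) + socket.inet_aton(server)      # server identifier
               + bytes([1, 4]) + socket.inet_aton(mask)         # subnet mask
               + bytes([3, 4]) + socket.inet_aton(router)       # router
               + bytes([51, 4]) + struct.pack("!I", 86400)      # lease time
               + bytes([255]))
    return header + options


if __name__ == "__main__":
    mac, xid = b"\x00\x11\x22\x33\x44\x55", 0x3903F326   # made-up values
    sock = make_broadcast_socket()
    discover = build_dhcp_discover(mac, xid)
    # On a real host: sock.bind(("", 68)) (privileged) then
    # sock.sendto(discover, ("255.255.255.255", 67)); here a constructed reply is parsed instead.
    offer = build_sample_offer(xid, mac, "192.168.1.50", "192.168.1.1", "255.255.255.0", "192.168.1.1")
    print(targets_from_offer(parse_dhcp_reply(offer, expected_xid=xid)))
    sock.close()
```

The interface question is deliberately not answered here: which interface the broadcast leaves on is decided by the routing table for an unbound socket, which is exactly why the thread wants a per-interface enumeration API rather than a hardcoded eth0.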
